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SMART DEVICE FACILITATING 
COMPUTER NETWORK INTERACTION 



FIELD OF INVENTION 

5 The present invention involves smart objects, for example, integrated 

component based end-user cards commonly known as "smart cards", or devices 
that contain smart objects. More specifically, the present invention involves a 
smart device or object that provides, among other things, a secure, personalized, 
portable interface that facilitates computer network interaction (e.g., intranet 
1 0 and/or internet interaction) . 

BACKGROUND 

Smart cards have been in use for quite some time. In general, smart cards 
resemble credit cards. Unlike typical credit cards, however, smart cards contain a 

15 semiconductor chip(s) that include a built-in memory and, in most conventional 

smart devices, a microprocessor. The incorporation of microprocessors into smart 
cards has resulted in cards that are highly versatile. For instance, smart cards that 
contain microprocessors are capable of storing and executing programs (e.g., 
applets) which can, in turn, be used to provide a wide range of functionality. 

20 Typically, systems and/or devices that employ smart cards include at least 

two fundamental components. First, there is the smart card itself. Second, such 
systems include an interface device, or card reader. The card reader is actually an 
input/output (i.e., read/ write) device that communicates with the smart card in a 
secure maimer in order to access the information stored therein. In one type of 

25 system, the smart card is inserted into a slot in the card reader which brings 
electrical contacts in the reader into engagement with mating contacts on the 
exterior of the smart card. The engaged contacts enable a microcontroller in the 
card reader to communicate with the memory and/or microprocessor in the smart 
card. The reader is generally connected to any one of a number of different local 
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or peripheral devices depending on the type of system into which the card reader is 
incorporated. In a security system, for example, the card reader might be 
connected to an electronic lock that permits a door to be opened. In a banking 
system, the reader could be incorporated into an automatic teller machine. Of 
5 particular relevance to the present invention, the local or peripheral device might 
be a personal computer, or any other like device that permits a end-user to interact 
with a computer network, such as the Internet, via a wireline or wireless interface. 
Other such devices include, but are in no way limited to kiosks, mobile 
telephones, laptop computers and personal digital assistants (i.e., PDAs), where 

10 the smart card may be connected thereto or contained therein. 

Presently, there are several known smart card products designed to 
facilitate interaction with the Internet. A first example is a product called Smart 
Passky. The primary feature associated with this product is its ability to capture 
and store a end-user identification code (ID) and password that is used to access a 

15 particular Internet site. However, this process is not automated; it is manual. 

Thus, the end-user must perform several cumbersome, time consuming steps in 
order to capture and store a given end-user ID and password. Moreover, when the 
end-user attempts to log on to an Internet site, providing the corresponding end- 
user ID and password is also a manual process which, at best, requires the end- 

20 user to drag-and-drop the information into the appropriate location in order to gain 
access to the site. 

A second example of a known smart card product designed to facilitate 
Internet usage is a product called Pocket Server. Pocket Server also has the ability 
to capture end-user ID and password information. However, it too is a manual 
25 process. Like Smart Passky, Pocket Server is unable to automatically determine 
when a end-user ID and password are needed to access a corresponding Internet 
site, and thereafter, provide the end-user ID and password without further end- 
user involvement. 
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Still another known smart card product is Password Officer. Password 
Officer is capable of storing a number of end-user passwords and log-in sequences. 
It is also capable of automatically providing that information to a website in order 
to gain access thereto. However, Password Officer lacks the ability to 
5 automatically and dynamically capture such information. In order to achieve this, 
the end-user might have to create a macro, wherein a different macro might be 
required in each instance. 

Additionally, there are a number of non-smart card products that are 
designed to facilitate computer network interaction. While some of these products 

10 are also capable of storing and supplying end-user information, these non-smart 
card based products, in general, inherently fail to provide a number of features 
that smart card products are capable of providing, such as portability, 
personalization, and reliable end-user authentication to name just a few. 

One exemplary non-smart card product is Gator. Though Gator is, to 

15 some extent, capable of automatically providing end-user ID and password 
information, as well as other information, Gator does so through a proxy 
technique, whereby a remote website (i.e., a proxy server) gathers the information 
from the end-user, and thereafter, provides the information to the website that 
requires the information. One significant drawback with this proxy server 

20 technique is that the end-user's personal information is transmitted over the 
Internet; thus, it runs the risk of being compromised. 

Given the various limitations associated with smart card and non-smart card 
based products, and the ever increasing dependence on computer network 
communications, there is a strong need to simplify and automate features such as 

25 automatic end-user ID and password capture, as well as automatic form-fill, end- 
user authentication, personalization and portability into a single product. 



SUMMARY OF THE INVENTION 

The present invention is directed to a smart object, such as a smart card, a 
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smart device containing a smart card, or a smart device capable of operating in a 
manner that is equivalent to a smart card, which facilitates access to and 
interaction with a computer network, including, but not limited to the Internet. In 
general, the smart device or object is but one component in a larger system that 
5 includes application software, a local or peripheral device (e.g., a personal 
computer), one or more computer and/or telecommunications networks, and 
possibly, back-end network services. 

In accordance with one exemplary configuration, the application software is 
stored on an executed from the peripheral device, while end-user data (e.g., 

10 personal information, end-user identification codes and passwords) is stored in the 
smart device or object. However, in other exemplary configurations, the 
application software might be stored on and executed from the smart device or 
object. The application software, along with the end-user data, provides the end- 
user with a number of unique functions, some of which are available to the end- 

15 user through a portable, personalized user interface (UI), such as a graphical user 
interface (GUI) which, in turn, is displayable to the end-user through the local or 
peripheral device. The features include, for example, a end-user identification 
code (ID) and password storage and maintenance feature, a personal data storage 
and maintenance feature, a credit card data storage and maintenance feature, an 

20 automatic browser and universal resource locator (URL) launch feature, a favorite 
site/application storage and maintenance feature, a digital identification capture 
and store feature, a personal network management and transaction feature, a quick- 
link feature, an on-line reward accumulation, redemption and transfer feature, a 
media download feature, and a card XML feature. 

25 Another feature is the automatic, on-line form-fill feature. This feature 

facilitates the user f s ability, for example, to complete on-line transactions or gain 
access to network sites, where it is first necessary to complete a corresponding on- 
line form. In general, the user selects one of a number of personal profiles that 
are stored in the memory of the smart device; one of a number of credit card 
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profiles stored in the memory of the smart device; and/or one of a number of user 
identification and password profiles stored in the memory of the smart device. 
The feature then automatically transfers information associated with these various 
"default" profiles directly to a remote entity, such as a remote service provider, 
5 which requires the completion of the on-line form. 

One objective of the present invention is to simplify access, navigation and 
e-commerce in a computer and/or telecommunication network environment using a 
personalized, private and portable solution. 

Another objective of the present invention is to facilitate access to an 
10 interaction with a computer and/or telecommunications network, and more 
particularly, sites and/or applications associated therewith. 

It is another objective of the present invention to personalize and/or 
customize a end-user's ability to access and interact with the computer and/or 
telecommunications network. 
15 It is still another objective of the present invention to provide the end-user 

with a personalized and/or customized access and interaction solution that is also 
portable. 

It is yet another objective of the present invention to provide the issuer of 
the smart object, smart device, or smart card with the capability to control the end- 
20 user's ability to access and interact with the network. 

It is another objective of the present invention to provide a substantial 
degree of privacy and security to protect the personal, confidential information that 
is stored on or in the smart object, device or card. 

In accordance with a first embodiment of the present invention, the above- 
25 identified and other objectives are achieved by a computer network based system. 
The system includes, among other features, a first network device and a smart 
device that is capable of communicating with the first network device. The smart 
device comprises means for storing one or more data entries that represent 
personal information that is associated with the user of the smart device. In 
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addition, the system includes a second network device that is connected to the first 
network device by a computer network. Still further, the system includes means 
for analyzing one or more data requests which have been transferred from the 
second network device to the first network device via the computer network; 
5 means for matching each of the one or more data requests with a corresponding 
one of the stored data entries; and means for automatically transferring to the 
second network device, from the first network device, one or more data 
sequences, each being associated with a corresponding one of the stored data 
entries. 

10 In accordance with a second embodiment of the present invention, the 

above-identified and other objectives are achieved by a method for completing an 
on-line form, where the method is employed in a system that includes a smart 
device, a first network device, a second network device and a computer network 
connecting the first network device and the second network device. The method 

15 includes, among other features, the step of storing one or more data entries in a 
memory associated with the smart device, where each of the one or more data 
entries represents information that is associated with a user of the smart device. 
The method further involves transferring an on-line form from the second network 
device to the first network device via the computer network, where the on-line 

20 form includes one or more data elements. Once the on-line form has been 

transferred, each of the one or more data elements are compared to one or more of 
the stored data entries. Then, one or more data sequences are transferred from the 
first network device to the second network device, where each data sequence is 
associated with a corresponding data entry that matches a data element. 

25 In accordance with a third embodiment of the present invention, the above- 

identified and other objectives are achieved by a method for completing an on-line 
form, where the method is employed in a system that includes a smart device, a 
peripheral device and a remote network server that is connected to the peripheral 
device by a computer network. The method includes the step of displaying the on- 
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line form on a display that is associated with the peripheral device. Thereafter, a 
model of the on-line form is created, where the model comprises a plurality of data 
elements that are associated with the on-line form. The method then involves 
analyzing a pattern associated with each of the data elements; comparing the data 
5 pattern associated with each of the data elements to a data pattern associated with 
one or more data entries stored in memory on the smart device; and associating a 
data entry with a corresponding data element if the data pattern of the data entry 
matches the data pattern of the data element. A data sequence associated with the 
data entry is then transferred from the memory on the smart card to the model of 
10 the on-line form, if the data pattern of the data entry matches the data pattern of 
the data element, where the data sequence represents information associated with 
the user of the smart device. Finally, the on-line form is re-displayed, where the 
on-line form includes one or more data sequences, each being associated with a 
corresponding one of the plurality of data elements. 

15 

BRIEF DESCRIPTION OF THE FIGURES 

The objectives and advantages of the present invention will be understood 
by reading the following detailed description in conjunction with the drawings, in 
which: 

20 Figures 1A and IB illustrate a conventional, personal computer system ' 

configured to operate with a smart card, and the basic structure of an exemplary 

smart card and card reader respectively; 

Figure 2 illustrates a smart card based system in accordance with 

exemplary configurations of the present invention; 
25 Figure 3 illustrates an exemplary graphical end-user interface in accordance 

with the present invention; 

Figures 4A and 4B illustrate an exemplary text box and flowchart, 

respectively, associated with an automatic browser and universal resource locator 

feature of the present invention; 
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Figure 5 illustrates the exemplary graphical end-user interface in 
accordance with a personal website storage and maintenance feature of the present 
invention; 

Figures 6A, 6B and 6C illustrate the exemplary graphical end-user 
5 interface, an exemplary text box, and a flowchart, respectively, associated with a 
end-user identification code and password storage and maintenance feature of the 
present invention; 

Figures 7 A and 7B illustrate an exemplary text box and the exemplary 
graphical end-user interface, respectively, associated with a personal profile 
10 storage and maintenance feature of the present invention; 

Figures 8 A and 8B illustrate an exemplary text box and flowchart 
associated with credit card storage and maintenance feature of the present 
invention; 

Figure 9 is a flowchart associated with an intelligent form-filling feature of 
15 the present invention; 

Figures 10A and 10B illustrate an exemplary end-user interface and 
flowchart, respectively, associated with a personal network management and 
transaction feature of the present invention; 

Figure 1 1 is a flowchart associated with a digital identification capture and 
20 storage feature of the present invention; and 

Figure 12 is a flow chart illustrating an on-line reward accumulation, 
redemption and transfer feature. 

DETAILED DESCRIPTION OF THE INVENTION 

25 To facilitate an understanding of the principles and features of the present 

invention, the present invention is described hereinafter in the context of a specific 
embodiment. In particular, reference is made to an implementation of the 
invention in which a smart card can be connected to a personal computer. It will 
be appreciated, however, that the practical applications of the invention are not 
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limited to this particular embodiment. Rather, the invention can be implemented 
in a variety of ways and employed in a variety of different systems. Of particular 
interest is the utilization of the present invention in connection with local or 
peripheral devices other than a personal computer. Such other peripheral devices 
5 might include, but are not limited to kiosks, laptops, mobile telephones, personal 
digital assistants (PDAs), and other devices that are capable of communicating 
with smart objects and other entities over computer and/or telecommunications 
networks. 

Figure 1A is an illustration of a conventional personal computer system 

10 100 which is configured to operate with a smart card. As is typical, the computer 
system might include a central processing unit (CPU) 102 and the basic input and 
output devices that are employed by the end-user to interact with programs being 
executed by the CPU 102, such as a keyboard 105 and a monitor 110. In addition, 
the system 100 shown in Figure 1A includes a smart card reader 115. In actuality, 

15 the card reader 115 is an input/output (I/O) device that is capable of reading data 
from and writing data to the smart card. In a conventional arrangement, the 
exchange of information between a smart card and the card reader 115 may be 
carried out in accordance with a standard protocol. However, the use of a card 
reader that does not strictly conform to published standards is certainly 

20 foreseeable. The card reader 115 may connect to the CPU 102 via a standard 
input/output port, such as a Universal Serial Bus (USB) port or an RS232 serial 
port. Alternatively, the structure of the reader 115 might be incorporated into the 
housing of the CPU 102 or the keyboard 105. In accordance with other 
alternatives, a card reader may not be required, particularly where the smart card 

25 is incorporated into a smart device, such as a mobile telephone or PDA, which 
communicates with the local or peripheral device, or where the smart device 
communicates directly with remote entities over a telecommunications network, 
such is the case with a web appliance, including cable set-top boxes. 
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Figure IB illustrates the basic structure of an exemplary smart card 120 
and card reader 115. Generally speaking, the smart card 120 is a end-user card 
made of plastic or other suitable material, similar to a common credit card, having 
a number of electrical contacts 125 on one exterior surface thereof. Embedded 
5 within the structure of the card 120 is an electronic memory 130 and, in a 
preferred configuration, a microprocessor 135. For ease of illustration, the 
memory 130 and microprocessor 135 are shown as being offset from the contacts 
125. However, in practice they can be located directly beneath the contacts. The 
dimensions of the card 120, and the arrangement and location of the contacts 125, 
10 are generally determined by applicable standards. 

The card reader 115 has a slot 140 that is appropriately dimensioned to 
receive the card 120. The bottom of the slot 140 has a switch 145, or other form 
of sensor, to detect when the card is fully inserted into the slot. The interior 
surface of the slot has a set of mating contacts (not shown) which engage 
15 corresponding contacts 125 on the smart card 120 when it is fully inserted. When 
the switch 145 detects that smart card 120 is completely inserted into the slot 140 
of the card reader 115, it sends a signal which causes the card reader 115 to 
initiate a power-up procedure. 

Figure 2 presents an overview pf a smart-device based system 200. As 
20 shown, the system 200 includes, among other elements, a smart card(s) 202, a 
card reader 205, smart card software and data 209, application software 210, a 
local computer 215, herein referred to as a peripheral device (e.g., a kiosk or a 
personal computer), a computer or telecommunications network (e.g., a local area 
network, a wide area network or the Internet), and back-end services associated 
25 with a remote service provider 220. Again, it will be understood that the card 
reader 205 is an input/output device that is capable of both reading and writing 
data to and from the smart card(s) 200. 

The system 200 illustrated in Figure 2 is exemplary; thus, other 
configurations are certainly feasible. One such alternative configuration might 
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incorporate the card reader 205, as stated previously, into the structure of the 
peripheral device 215, In another alternative configuration, the various functions 
associated with the card reader 205 and the smart card(s) 202 might be integrated 
into a portable smart device, such as a mobile telephone or a watch, where the 
5 portable smart device may communicate with the peripheral device 215 via a 

wireline or wireless (e.g., RF) link. In still another alternative configuration, the 
application software 210 may reside in the smart card(s) 202. In yet a further 
alternative configuration, the peripheral device 215 may take on any number of 
different forms, such as a fixed device (e.g., a kiosk), a desktop device (e.g., a 
10 personal computer), a transportable device (e.g., a laptop computer) or a mobile 
device (e.g., a PDA or mobile telephone). However, other peripheral devices are 
foreseeable. 

The application software 210 may be pre-loaded, downloaded or installed 
by the end-user through a software interface. If pre-loaded, the end-user may have 

15 the ability to alter the application software. If downloaded, for example, when the 
smart card 202 is first inserted into the card reader, it will be understood that the 
network address of the application software will be stored on the smart card 202. 
It will also be understood that updates to the application software might be 
downloaded, if necessary, upon subsequent use of the smart card. 

20 Preferably, the application software 210 comprises a number of software 

modules, where each module is associated with a corresponding function. The list 
of modules associated with application software 210 shown in Figure 2 is in no 
way an exhaustive list. 

A first one of these software modules is the card data manager. It is 

25 responsible for manipulating (e.g., adding, deleting, editing, backing-up, 

restoring) the end-user data stored on the smart card 202. This module may 
include a number of sub-modules, each of which is used in manipulating a 
corresponding type of end-user data (e.g., personal data or credit card data). 
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A second software module is the multi-session manager. This software 
module provides the end-user with the ability to simultaneously execute a plurality 
of browser tasks and/or other applications. Thus, in accordance with the form-fill 
feature, the user may be capable of filling more than one on-line or web-based 
5 form at a time. 

Yet another module is the smart card 202, or smart device authentication 
manager. Typically, authentication involves "hand shaking" between the smart 
card 202 and, for example, a remote server 220. In accordance with the present 
invention, the authentication manager is capable of recognizing an authentication 

10 challenge issued by the remote server 220, and capable of generating an 

appropriate response to the challenge in order to authenticate the smart card 202. 
In addition, this module might provide an audible or visual indication when the 
smart card 202 is authenticated. 

The authentication process serves at least two purposes. First, it may be 

15 used for securing the smart card (i.e., the card holder), the site, or the transaction. 
Thus, the authentication process helps prevent unauthorized persons from 
accessing a site, accessing information, using applications, and engaging in 
unauthorized transactions. Second, the authentication process can be used by e- 
commerce providers to track consumer behavior for customer segmentation and 

20 targeted marketing. 

In the present invention, the authentication process may employ a triple 
DES (i.e., Data Encryption Standard) algorithm. If so, the remote server 220, 
which is attempting to authenticate the end-user, generates a random number. The 
DES algorithm then uses the random number, plus a master key to generate a data 

25 sequence. The data sequence is then downloaded to the application software 210. 
The master key needed to decrypt the random number is stored on the smart card 
202. Once decrypted, the random number is transmitted back to the remote server 
for authentication. The master key is never transmitted. Accordingly, the smart 
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card 202, or smart device, must be present for authentication to occur prior to 
accessing a site or permitting a transaction to take place. 

Another module is the Security Manager. The security manager is 
responsible for the security process that is associated with validating the end-user 
5 when the smart card 202 is first inserted into the card reader 205, or alternatively, 
when the smart device undergoes a power-on process. In the present invention, 
the security manager may prompt the end-user to provide an identification code 
when the smart card 202 is first inserted into the card reader 205, or alternatively, 
when the smart device is first powered-on. If, for example, an incorrect code is 

10 provided a certain number of times, the security manager may lock-out the smart 
card 202 (i.e., disable the smart card). When the smart card 202 is removed from 
the card reader 205, or when the smart device is powered-down, the security 
manager is responsible for closing down the entire application session on the 
peripheral device 215. This includes destroying all objects or data created and/or 

15 stored on the peripheral device 215 during the session, thereby helping to prevent 
end-user information from being compromised, where end-user information might 
otherwise be accessible to third parties who have or might gain access to the 
peripheral device memory. It will be readily apparent that use of the security 
manager depends upon the sensitivity of the data being stored on the smart card 

20 202, as well as issuer or end-user preference. 

Still another software module is the card XML data manager. XML refers 
to Extendable Markup Language. It supports web-based documents, or documents 
that contain structured data. More particularly, XML allows a 
programmer/developer, for example, of smart cards, to define customized data 

25 tags and the structural relationships between them. In the present invention, end- 
user data stored on the smart card 202 is preferably in XML format. As one 
skilled in the art will readily appreciate, the card XML manager serves as an 
interface between the data concepts associated with the application software 210 
and the data stored on the smart card 202. 
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The advantages associated with the card XML manager directly affect the 
programmer/developer of the smart card 202. For instance, the card XML data 
manager makes it easier for the developer to insert new data elements without 
having to reformat the entire smart card. Also, it provides a more efficient data 
5 storage strategy to conserve memory space. Thus, more data can be stored on a 
given card or smart device. 

Other software modules include a URL launch manager, a user 
ID/password manager, a personal data manager, a credit card data manager, a 
site/application manager, a quick-link manager, a digital identification manager, an 
10 intelligent form-fill manager, a reward manager, and a media manager. The 
features associated with each of these managers are described below in greater 
detail. 

As stated above, with reference to the exemplary configuration of Figure 2, 
the smart card 202 also contains software and data 209. Like the application 

15 software 210, the card software comprises a number of software modules. 

Generally speaking, the software modules residing on the smart card 202 are 
counterpart modules that correspond with one or more of the software modules 
that are associated with the application software 210. Thus, in addition to end- 
user data, the smart card 202 may contain a data manager, a security manager, and 

20 an authentication manager. 

In a preferred configuration, the card software and data 209 includes an 
interface manager. The interface manager is responsible for generating and 
maintaining a user interface (UI). In the configuration illustrated in Figure 2, the 
UI may be a graphical user interface (GUI) which is displayable on the peripheral 

25 device 215. Moreover, the interface manager may be capable of generating the 
GUI in accordance with any number of different "skins" or appearances. It is 
through the GUI that a end-user invokes the various features associate with the 
present invention. The GUI is described in greater detail below. 
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The application software 210, along with the card software and data 209, 
provide the user with a number of unique features, many of which are invoked by 
the end-user via the GUI. Included among these features are an user ID and 
password storage and maintenance feature, which is controlled by the user 
5 ID/password manager; a personal data storage and maintenance feature, which is 
controlled by the personal data manager; a credit card data storage and 
maintenance feature, which is controlled by the credit card data manager; a 
favorite site/application storage and maintenance feature, which is controlled by 
the site/application manager; an automatic browser and universal resource locator 

10 (URL) launch feature, which is controlled by the URL launch manager; an 

intelligent form-fill feature, which is controlled by the form-fill manager; a digital 
identification capture and storage feature, which is controlled by the digital 
identification manager; a personal network management and transaction feature, 
which is controlled by the quick-link manager; and an on-line reward 

15 accumulation, redemption and transfer feature, which is controlled by the rewards 
manager. Additionally, the application software 210 facilitates certain interactions 
and transactions between the remote service provider 220 and the smart card 202, 
the results of which may be displayed to the end-user on the GUI. The GUI and 
each of the aforementioned features provided by the application software 210 are 

20 now described in greater detail herein below. 

Figure 3 illustrates an exemplary GUI. Those skilled in the art will readily 
appreciate that other types of end-user interfaces may be employed depending 
primarily on the nature of the peripheral device 215. Moreover, the GUI 
illustrated in Figure 3 may take on any of a number of appearances referred to 

25 above as "skins". As shown, the GUI includes several attributes, such as a 

dynamic display 300, through which the end-user can view pertinent information. 
Other attributes include a number of functional buttons, such as the button labeled 
"Passwords", which relates to the user ID and password storage and maintenance 
feature; the button labeled "Personal", which relates to the personal data storage 
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and maintenance feature; the button labeled "Credit Cards", which relates to the 
credit card data storage and maintenance feature; the button labeled "->URL", 
which relates to the automatic browser and URL launch feature; the button labeled 
"Digital Identity", which relates to the digital identification capture and storage 
5 feature; the button labeled "Favorites", which relates to the favorite 

site/application feature; and the button labeled "Me!", which relates to the 
intelligent form-fill feature. Still other attributes include a window 305 containing 
a number of "quick-link" buttons (QLB), and a QLB control icon 310. The 
specific function of each of these attributes will become apparent from the 

10 following discussion. 

In accordance with a first aspect of the present invention, the application 
software 210, and in particular, the URL launch manager, as well as the card 
software and data 209 provide the end-user with an automatic browser and URL 
launch feature. When the smart card 202 is first inserted into the card reader 205, 

15 or when the smart card device containing the smart card first invokes the smart 

card contained therein, the security manager validates the card and the application 
software 210 automatically launches browser software. In addition, the URL 
launch manager automatically initiates a log-in and authentication process with the 
service provider, e.g., the Internet Service provider, if doing so is necessary. The 

20 URL launch manager then causes the browser to navigate to a particular site (e.g. , 
website) as defined by a corresponding default network address (e.g., a URL) that 
has been programmed into the smart card 202. Furthermore, if the site defined by 
the default address requires a user ID and/or password, the required user ID 
and/or password is automatically provided so that the end-user is automatically 

25 connected to the site without further end-user interaction. 

As stated, after inserting the smart card 202, the browser automatically 
connects the end-user to a default address or URL. In one configuration, the 
default address or URL may be preset by the issuer of the smart card 202, where 
the issuer of the smart card may have reasons for wanting the end-user to always 
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be routed to this URL. In this instance, the end-user may not have the ability to 
alter the default URL which has been set by the issuer of the smart card. 

In another configuration, the default URL may not be preset. Here, the 
end-user would have the ability to set and/or alter the default URL. To achieve 
5 this, the end-user would select, for example, the button labeled "-> URL" on the 
GUI. This, in turn, causes a UI, such as the text box illustrated in Figure 4A to 
be displayed. Using the text box, the end-user may enter and store a desired 
default URL 400 (e.g., http.V/gemplus/gemplus/gemplus.htm). 

Figure 4B illustrates an exemplary technique that might be employed by the 

10 UrL launch manager to implement the automatic browser and URL launch 

feature. As shown in step 420, the URL launch manager monitors the card reader 
205, or more particularly, the switch or sensor 145 contained therein. When the 
smart card 202 is inserted into the card reader 205, the switch or sensor 145 
generates a signal. The generation of this signal allows the URL launch manager 

15 to detect the insertion of the smart card 202 into the card reader 205, in 

accordance with step 425. At this point, the security manager may validate the 
end-user before the default URL is actually retrieved. The URL launch manager 
then retrieves the default URL which is stored in memory on the smart card 202, 
as shown by step 430, and launches the browser as shown by step 435. This, in 

20 turn, allows the peripheral device 215 to connect to the website whose Internet 
address is defined by the default URL, in accordance with step 440. It will be 
apparent to one skilled in the art that the step of retrieving the default URL may be 
triggered when a smart device containing a smart card is placed into operation 
(i.e. , powered on), rather than being triggered by the insertion of a smart card into 

25 a card reader. 

Prior to establishing a connection with the site corresponding to the default 
URL, or prior to accessing information at the site, additional security measures 
may be required. This may involve a user ID code and/or password. In one 
instance, the URL launch feature may automatically provide a user ID and/or 
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password in accordance with the user ID/password feature described below, 
particularly where the data to be accessed is of a non-secure nature. However, if 
the data to be accessed is secure of user-specific, such as personal medical 
information or personal financial information, the URL launch manager would 
5 require manual entry of security or access code information. 

In accordance with a second aspect of the present invention, the application 
software 210, and in particular, the site/application manager, as well as the card 
software and data 209 provide the end-user with a favorite site/application storage 
and maintenance feature. More specifically, the site/application manager stores 

10 and maintains a list of sites (e.g., websites) and/or applications which the end-user 
intends to access on a frequent basis. The favorite site/application storage and 
maintenance feature maybe end-user defined, as described above, or it may be pre- 
defined, wherein the end-user is unable to alter the listing of sites and/or 
applications. The latter case is more applicable where the smart card is being used 

15 by the issuer of the smart card as a tool to limit end-user access. This will be 
explained in greater detail below. 

Figure 5 illustrates a GUI with an exemplary list of favorite sites and 
applications presented on the dynamic display 300. The end-user can display this 
list by selecting, for example, the button labeled "Favorites" on the GUI. Once 

20 the list is displayed, the end-user can access any one of the sites or applications by 
selecting the corresponding entry from the list. In addition, the end-user may be 
able to add a new site or application to the list or delete a site or application from 
the list. In adding a site or application to the list, the end-user can manually enter 
the new site or application pathway to the list, drag-and-drop a site or application 

25 pathway to the list (e.g., from the browser), or cut-and-paste a site or application 
pathway to the list. 

In accordance with a third aspect of the present invention, the application 
software 210 and, in particular, the user ID/password manager, as well as the card 
software and data 209 provide a user ID and password storage and maintenance 
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feature. The user ID and password storage and maintenance feature is capable of 
automatically capturing and storing a user ID and password. It is also capable of 
supplying a user ID and/or password in accordance with the intelligent form-fill 
feature, which is described in greater detail below, when the end-user accesses the 
5 corresponding site or application that requires the user ID and/or password. 

Accordingly, the end-user need not manually enter this information each time the 
end-user accesses the site or application. Nor does the end-user have to remember 
the user ID and/or password associated with each and every site or application that 
requires this information. 

10 One skilled in the art will readily appreciate that the user ID and password 

storage and maintenance feature operates in conjunction with the aforementioned 
favorite site/application storage and maintenance feature. Thus, for each favorite 
site or application that requires an user ID and/or password, the user ID/password 
manager stores and maintains a corresponding user ID and/or password. If and 

15 when the end-user selects one of the favorite sites or applications, the user 

ID/password manager is capable of automatically supplying the user ID and/or 
password that corresponds to the selected site or application without any further 
end-user interaction. 

Figure 6A illustrates a GUI with an exemplary list of sites and/or 

20 applications that require a user ID and/or password presented on the dynamic 

display 300. The end-user can access this list by selecting, for example, the button 
labeled "Passwords" on the GUI. Once the list is displayed, the end-user can 
manually add a new user ID and/or password or manually edit an existing user ID 
and/or password. 

25 The end-user can also control whether a user ID and/or password 

associated with a listed site or application is to be automatically supplied in 
accordance with the intelligent form-fill feature. For instance, the end-user may 
select the website "Gifts.com" from the list presented on the dynamic display 300 
in Figure 6A. In doing so, a UI appears, such as the text box illustrated in Figure 
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6B. The text box displays the user ID and password information corresponding to 
"Gifts.com" . Of particular interest is the small check-box labeled "Send 
< Enter > to linked web page or dialog box?". By selecting this option, the 
application software 210 is designed to automatically transfer the user ID and 
5 password to the website, as mentioned above. However, should the end-user 
decide not to select this option, the end-user may still transfer the user ID and 
password information from the smart card memory to the website using a drag- 
and-drop, cut-and-paste, or manual procedure. 

Figure 6C illustrates a technique that might be employed by the user 

10 ID/password manager to automatically capture and transfer a user ID and/or 
password. First, as indicated by step 600, the end-user attempts to access a 
particular site, (e.g., an Internet website) or open a particular application. The 
user ID/password manager then determines, as shown by decision step 605, 
whether the site or application requires an user ID and/or password. If it is 

15 determined that a user ID and/or password are not required, in accordance with 
the "NO" path out of decision step 605, the process may be terminated according 
to step 610. However, if it is determined that a user ID and/or password are 
required, in accordance with the "YES" path out of decision step 605, the user 
ID/password manager searches the user ID and password data stored on the smart 

20 card 202 and determines whether a user ID and/or password have been stored for 
the site or application to which the user is seeking access, in accordance with steps 
615 and 620, respectively. 

If in searching the data stored on the smart card 202, the user ID/password 
manager identifies a user ID and/or password associated with the site or 

25 application, as shown by the "YES" path out of step 620, the user ID/password 
manager then determines, in accordance with decision step 625, whether the user 
has selected the aforementioned option that permits the user ID and/or password to 
be automatically transferred. If it is determined that the end-user has opted not to 
have this user ID and/or password automatically transferred, as shown by the 
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"NO" path out of decision step 625, the process may be terminated accordingly to 
step 630, wherein the end-user would be required to manually supply the user ID 
and/or password to gain access. On the other hand, if it is determined that the 
end-user opted to have the user ID and/or password automatically transferred, 
5 according to the "YES" path out of decision step 625, the user ID and/or password 
are transferred, as shown by step 635, in accordance with an intelligent form-fill 
feature, which is described in detail below. 

If it is determined that a user ID and/or password for the site or application 
have not been previously stored on the smart card 202, in accordance with the 

10 "NO" path out of decision step 620, the user ID/password manager waits to see if 
the end-user manually enters a user ID and/or password to gain access to the site 
or application, as shown by decision step 640. If the end-user does not manually 
enter a user ID and/or password, in accordance with the "NO" path out of decision 
step 640, the process may be terminated per step 630. But if the end-user 

15 manually enters a user ID and/or password, in accordance with the "YES" path out 
of decision step 640, the user ID/password manager prompts the end-user as to 
whether the manually entered user ID and/or password are to be stored on the 
smart card 202, as shown by step 645. The user ID/password manager now waits 
for the end-user's response, as shown by step 650. If the end-user does not intend 

20 to save the user ID and/or password, in accordance with the "NO" path out of 
decision step 650, the process may be terminated, as shown by step 655. If the 
end-user does intend to save the user ID and/or password, in accordance with the 
"YES" path out of decision step 650, the application software 210 captures the 
user ID and/or password automatically, and stores the information on the smart 

25 card 200, as shown by step 660. 

In accordance with a fourth aspect of the present invention, the application 
software 210, and in particular, the personal data manager, and the card software 
and data 209 provide the end-user with a personal data storage and maintenance 
feature. With this feature, the end-user may generate and maintain a number of 
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personal profiles, where for the purpose of the present invention, a personal 
profile is a record containing personal information, such as, the end-user's name, 
address, telephone number, age, date of birth, and e-mail address. 

Figure 7A is a dialog box that contains personal information associated 
5 with an exemplary personal profile record entitled "Dad-Work". Presumably, 
this personal profile contains the end-user f s (i.e., dad f s) personal, work related 
information, for example, the name of his company, his company's address, his 
telephone number at work and FAX number. The dialog box might also be used 
to enter or edit data associated with a given personal profile record. 

10 Figure 7B shows a GUI through which the end-user might access each of 

the different personal profiles by first selecting, for example, the button labeled 
"Personal" . This, in turn, causes a list of the various personal profile records that 
the end-user has created to be presented on the dynamic display 300. Once the list 
of personal profile records has been displayed, the end-user can select any one in 

15 order to display the corresponding dialog box which contains the personal 
information associated with the selected personal profile. 

The primary purpose of the personal data storage and maintenance feature 
is to facilitate intelligent form-fill operations. It is understood that some websites 
require the end-user to provide a significant amount of personal information, 

20 particularly when the end-user is accessing the website for the first time, or 

engaging in an on-line purchase, transaction, and/or other similar interaction. In 
fact, access to a site may be denied and transactions and/or interactions may be 
terminated if the requested information is not provided. Providing this 
information can be very time consuming. By storing and maintaining this 

25 information in one or more personal profile records, the information may be can 
transferred quickly and, in many instances, automatically. 

The transfer of personal information from one or more personal profile 
records to an on-line form may be initiated in a number of different ways. For 
instance, the end-user may initiate the transfer by performing a drag-and-drop 
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operation. However the transfer of personal information is preferably achieved 
automatically through the use of the intelligent form-fill feature which is described 
in greater detail below. 

In accordance with a fifth aspect of the present invention, the application 
5 software 210, and in particular, the credit card manager, as well as the card 
software and data 209 provide the end-user with a credit card data storage and 
maintenance feature. With this feature, the end-user may generate and maintain 
any number of credit card profiles, where each profile contains the information 
needed to pay for an on-line transaction using a corresponding credit card. 

10 Figure 8 A is a dialog box that displays the type of information that may be 

associated with a credit card profile for a Visa® Gold card. As shown, the credit 
card profile identifies, among other things, the credit card itself, the credit card 
holders name, the credit card account number, and the credit card expiration date. 
Figure 8B shows a GUI, through which the end-user might generate a new 

15 credit card profile, or access an existing credit card profile by selecting, for 
example, the button labeled "Credit Cards". In so doing, a list of the existing 
credit card profiles are presented on the dynamic display 300 as shown. Selecting 
one of the credit card profiles from the dynamic display 300 would, in turn, cause 
the corresponding credit card information to be displayed in a format such as that 

20 which is illustrated in Figure 8A. 

Like the personal data storage and maintenance feature described above, 
the credit card data storage and maintenance feature supports the transfer of 
information (i.e., credit card information) between the smart card memory and a 
website, for example, to facilitate on-line purchases and other similar transactions. 

25 Moreover, initiating the transfer of credit card information may be accomplished 
through a drag-and-drop operation. However, the transfer of credit card 
information may be achieved automatically through the use of the intelligent form- 
fill feature. 



WO 02/23367 PCT/US01/28538 



-24- 

As mentioned, another aspect of the present invention is the intelligent 
form-fill feature. This feature facilitates the end-user's ability to complete on-line 
forms, execute transactions, and gain access to websites and applications by 
analyzing and interpreting data fields associated with on-line or web-based forms. 
5 Then, based on the end-user data stored on the smart card 202, or in the smart 
device, this feature completes an on-line form and, thereafter, sends the data 
associated with the completed form directly to the source of the on-line or web- 
based form. For example, the data may be sent over the Internet, directly to a 
remote server from which the on-line or web-based form originated, without first 

10 transmitting the data to a proxy. In doing so, data security is better ensured. 

In general, the intelligent form-fill feature achieves the above-identified 
function by providing the end-user with the option of selecting, as a default, one of 
the stored personal profiles, one of the stored credit card profiles, and possibly, 
one of the stored user ID and/or password files. The end-user may accomplish 

15 this, for example, by selecting an option on the UI that is associated with a 

particular personal profile, credit card profile, and user ID and/or password file. 
Referring back to Figure 7A, the end-user would click on the check box marked 
"Is this your default profile?" to select the personal profile entitled "Dad — work" 
as the default. Similarly, in Figure 8A, the end-user would click on the check box 

20 marked "Is this your default card?" to select the Visa® Gold credit card profile as 
the default. 

In Figure 8B, the GUI is illustrated as having a button labeled "Me! " . By 
selecting this button, the end-user initiates the process of transferring information 
contained in the default profiles to an on-line form. Accordingly, the end-user 
25 need not go through the arduous process of manually entering the required 

information in order to gain access to a particular website, complete an on-line 
transaction, or execute an application. 

Figure 9 illustrates a technique that might be used to implement the 
intelligent form-fill manager, and automatically transfer default information from 
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the smart card memory to an on-line form. As shown in step 900, the end-user 
initiates the intelligent form-fill process. The end-user may accomplish this by 
selecting, for example, the "Me! ,! button on the GUI, as shown in Figure 8B. An 
on-line form typically comprises a plurality of data fields. It will be understood 
5 that the data fields associated with the on-line form have been retrieved by the 
intelligent form-fill manager via the browser. 

Once the end-user initiates the intelligent form-fill process, the intelligent 
form-fill manager analyzes and interprets each data field associated with the on- 
line form or application, as shown by step 905. Based on this analysis, the 

10 intelligent form-fill manager then generates a model of the on-line form or 

application, according to step 910, where the model may comprise data fields that 
correspond to end-user data contained in one or more of the default profiles. 
Thereafter, the intelligent form-fill manager employs a pattern matching process to 
determine, in accordance with decision step 915, whether each data field in the 

15 model corresponds with a data entry in one of the default profiles. If, in 

accordance with the "YES" path out of decision step 915, there is a corresponding 
data entry for a given data field in the model, the intelligent form-fill manager 
associates the data entry with that data field according to step 920. A 
determination is then made as to whether there are any additional data fields 

20 associated with the model that require matching, as shown by decision step 925. 

If there are additional data fields that require matching, in accordance with 
the "YES" path out of decision step 925, the intelligent form-fill manager 
determines whether there is a data entry in one of the default profiles 
corresponding to a next data field. If the application is unable to match a given 

25 data field in the model with a corresponding data entry in one of the default 

profiles, in accordance with the "NO" path out of decision step 915, the intelligent 
form-fill manager may ignore the data field, or alternatively, prompt the end-user 
to manually provide the missing information, as shown by step 930. 



WO 02/23367 PCT/US01/28538 



-26- 

Once the intelligent form-fill manager addresses each data field in the 
model, in accordance with the "NO" path out of decision step 925, the model, 
including all corresponding data from the one or more default profiles is reflected 
back to the website or application to complete the on-line form, as shown by step 
5 935. The process is thereafter terminated in accordance with step 940. 

In accordance with a preferred configuration, the intelligent form-fill 
manager transfers personal, ID and/or password, and/or credit card information 
directly to a remote entity, such as the remote service provider that is hosting the 
website that requires the information. The intelligent form-fill manager does not 
10 first transfer the information to a proxy server. Thus, fewer entities have access to 
the personal, ID and/or password and/or credit card information, thereby 
minimizing the potential that the information will be compromised or otherwise 
misused. 

Further, the intelligent form-fill manager may provide a time stamp when 
15 transferring personal, ID and/or password and/or credit card information during a 
form-fill operation. The timestamp represents, or is used to derive, a period of 
time during which the transferred information is to be considered valid. After the 
expiration of this period of time, the remote service provider which has received 
the information is no longer authorized to use it. However, to ensure that the 
20 information is not used after the expiration of the time period, an agreement with 
the remote service provider may be required, wherein software at the remote 
server, for example, renders the information unusable (e.g., by scrambling or 
otherwise destroying the data) when the time period expires. 

Still another aspect of the present invention is the quick-link feature. 
25 The quick-link feature is primarily controlled by the quick-link manager. Among 
other things, the quick-link feature provides the end-user with the ability to 
quickly and conveniently access frequently visited sites or applications. It also 
provides one of several ways for the issuer of the smart card to control end-user 
access. Preferably, the quick-link feature is implemented using a number of 
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quick-link buttons (QLBs) 305 which appear on the GUI as shown in Figure 3. By 
selecting one of the QLBs, the quick-link manager causes the browser to access the 
website or application associated with the selected QLB. If the website or 
application requires a user ID and/or password, the user ID/password manager 
5 automatically transfers the user ID and/or password, in accordance with the user 
ID and password storage and maintenance feature, assuming the information is 
stored in memory on the smart card 202. 

Figure 10A illustrates an alternative UI which displays the QLBs. If this 
UI is displayed, the GUI shown in Figure 3 is preferably hidden from view. To 

10 invoke the alternative UI, the end-user may select a QLB control icon 310 as 

shown in Figure 3. A similar QLB control icon 310 appears on the alternative UI 
in Figure 10A, where the selection of the QLB control icon on the alternative UI 
causes the GUI of Figure 3 to be re-displayed. 

As stated, the quick-link feature provides a convenient way for end-users to 

15 access frequently accessed sites and applications. To achieve this purpose, the 

software in the peripheral device and/or the smart card may permit the end-user to 
program each QLB so that it corresponds with a desired website or application. 
However, in addition to providing the end-user with a fast, convenient way to 
access frequently used sites and applications, the quick-link feature also allows e- 

20 commerce providers to control end-user/consumer behavior. To achieve this latter 
purpose, one or more QLBs may be programmed to correspond with a site or 
application associated with the e-commerce provider. Where the smart card is 
issued by or on behalf of an e-commerce provider, the quick-link buttons may be 
pre-set by the e-commerce provider or an issuer on behalf of the e-commerce 

25 provider. Alternatively, the end-user/consumer may have the ability to program 
each quick-link button from a limited list of links provided by the issuer of the 
smart card or one or more e-commerce providers. 

Figure 10B illustrates an exemplary technique that might be employed by 
the quick-link manager to link the end-user with a given website or application. 
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Although the example illustrated in Figure 10B indicates that each QLB is 
associated with a website, one skilled in the art will appreciate that each QLB 
may, alternatively, be associated with local sites or applications as well. As 
shown in step 1000, a signal indicating that the end-user has selected one of the 
5 QLBs is detected. A determination is then made, in accordance with decision step 
1005, whether the end-user selected the website associated with QLB-1. If the 
end-user selected QLB-1, in accordance with the "YES" path out of decision step 
1005, the URL that corresponds with that website is loaded into the browser, as 
shown by step 1010. The browser then uses the URL to connect the peripheral 

10 device with the desired website. If the end-user did not select QLB-1, in 

accordance with the "NO" path out of decision step 1005, a determination is made 
as to whether the end-user selected QLB-2, as indicated by decision step 1015. It 
should be apparent that this process continues until a determination is made as to 
which QLB was selected by the end-user. After determining which QLB the end- 

15 user selected, and after loading the corresponding URL, quick-link manager 
terminates the process, as shown in step 1050. 

In accordance with still another aspect of the present invention, the 
application software 210, and in particular, the digital identification manager, as 
well as the card software and data 209 provide a digital identification capture, 

20 storage and maintenance feature. This feature permits the end-user to load into 

memory on the smart card 202, data which represents the identity of the end-user. 
The representation may, for example, be a picture, a biometric (e.g., a fingerprint) 
or a signature. Thereafter, the data representing the end-user's identity is stored 
on the smart card 202, and it may be used for such purposes as authenticating the 

25 end-user, on-line documents and/or on-line transactions. 

Capturing the data which represents the end-user's identity, and loading the 
data into memory on the smart card 202 may be achieved in any of a number of 
different ways. For instance, the data may be scanned into memory or copied into 
memory from an existing file. 
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The end-user may invoke the digital identification manager by selecting, 
for example, the button labeled "Digital Identity" on the GUI illustrated in Figure 
3. In the event that the digital identification involves a signature, the digital 
identification manager may initially prompt the end-user to trace out their 
5 signature using a mouse, an electronic pen, or some other like input device. As 
the end-user traces their signature, the digital identification manager determines 
each of a number of input device positions, and therefrom, generates a sequence of 
data values that define the signature. The data defining the end-user f s signature is 
then stored in memory on the smart card 202. The digital identification manager 

10 may display the end-user ! s signature on the peripheral device 215 as the signature 
is being traced by the end-user and as the corresponding data values which 
represent the signature are being stored. Thus, the completion of the signature 
trace on the peripheral device 215 coincides with the process of storing the data 
values in the memory on the smart card 202. 

15 Figure 11 illustrates, in greater detail, an exemplary technique that might 

be employed by the digital identification manager to capture and store data values 
which represent the end-user 1 s identify. 

Initially, a data signal is generated from the representation of the end-user's 
identify, as shown in step 1100. If the representation is a signature, the data signal 

20 may be generated by having the end-user manipulate an input device, such as a 

trouse or light pen, as previously suggested. If the representation is a biometric or 
a picture, the data signal may be generated by scanning the representation. The 
data signal is then sampled, and the data samples are stored according to step 
1105. 

25 The data samples may initially be stored in a buffer. Thus, in accordance 

with the "NO" path out of decision step 1110, the digital identification manager 
will continue to sample and store data values until the last data sample has been 
stored, as shown by the "YES" path out of decision step 1110. 
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The data samples are then read from the buffer, as indicated by step 1115, 
and stored in a memory on the smart card, as shown in step 1 120. If, in 
accordance with a preferred embodiment, the peripheral device has a display 
device, the data samples may be transferred thereto and the representation of the 
5 end-user f s identity may be progressively displayed, per step 1125. Thus, the step 
of displaying the representation of the end-user ! s identify and storing the samples 
data values in memory on the smart card may occur substantially at the same time. 

As shown by decision step 1130, the representation of the end-user's 
identify continues to be displayed, each portion at a time, and the sampled data 

10 values continue to be stored in memory on the smart card, until the last data 

sample has been stored and the last portion of the representation of the end-user 1 s 
identify corresponding thereto has been displayed, in accordance with the "YES" 
path out of decision step 1130. 

The various aspects of the present invention described thus far focus 

15 primarily on features that are of particular interest to the end-user of the smart 
card. There are, however, aspects of the present invention that are of particular 
interest to the issuer of the smart card. In a commercial context, for example, the 
issuer of the smart card may be an employer (e.g., a company), while the end-user 
of the smart card is an employee. In a non-commercial context, the issuer of the 

20 smart card may be a parent, whereas the end-user of the smart card is a child. 

One aspect of the present invention, which may be of particular interest to 
the issuer of the smart card, allows the issuer to control, or more specifically, limit 
the ability of one or more users to access certain websites and/or applications. In 
the non-commercial context, a parent may wish to control or limit the ability of a 

25 child to access and interact with certain sites and/or applications. The parent may 
accomplish this by issuing multiple smart cards, one for each child, wherein each 
smart card is personalized for a corresponding child. Thus, for example, the 
parent may preset or pre-program each smart card so that when a child inserts his 
or her smart card into the card reader, a particular URL associated with an 
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appropriate website that has been selected by the parent for that child is 
automatically launched in accordance with the aforementioned automatic browser 
and URL launch feature. Similarly, the parent may preset or pre-program a card 
so that the favorite site/application list only contains sites and/or applications that 
5 are approved by the parent. The parent may also preset or pre-program the QLBs 
so that each corresponds with an appropriate website and/or application. 

In order to achieve the above-identified purpose, the issuer (i.e., the 
parent) should have the ability to "lock" the browser; that is, prevent the browser 
from accessing sites and/or applications that are not one of those that have been 
10 preset or preprogrammed into the smart card by the parent. One way to 

accomplish this is to set up the browser such that it goes to a designated proxy 
prior to accessing a given site or application. The proxy contains a set of rules, 
for example, one for each child. The rules identify the sites and/or applications 
that are permissible for that child. Thus, if a child attempts to access a site that he 
15 or she is not authorized to access, the rules stored at the proxy will instruct the 
browser to deny access to the child. 

In the commercial context, the issuer of the smart card may wish to 
similarly control or limit the ability of employees. In this context, an employer 
may issue multiple smart cards, one for each employee, wherein each smart card is 
20 personalized for a corresponding one of the employees. The employer can 

personalize each smart card by presetting or pre-programming, for example, the 
automatic browser and URL launch feature, the list of favorite websites and/or 
applications associated with the personal site/application storage and maintenance 
feature, and the QLBs, in much the same way as did the parent in the non- 
25 commercial context described above. 

Further in accordance with this aspect of the present invention, the issuer 
of the smart card may preset or pre-program each smart card so that it imposes 
other limitations on the end-user. For example, the issuer may wish to limit the 
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user based on time of use, duration of use, as well as functionality within a site or 
application (e.g., prohibiting the use of credit cards). 

Still further in accordance with this aspect of the present invention, the 
issuer of the smart card may issue what are herein referred to as "membership 
5 cards" . When a membership card is placed into operation or inserted into a card 
reader, the membership card permits the end-user to access a private site. Anyone 
attempting to access the site without a card would be denied such access. 

There are several ways to implement membership cards. First, the card 
may be pre-loaded with the corresponding URL, which is transparent to the end- 

10 user. When the card is inserted into the card reader, the URL launch manager 
initiates the browser which then connects the end-user to the private site. Login 
and authentication might be unnecessary, and the card might not cause a GUI to be 
displayed. Second, the card maybe pre-loaded with the corresponding URL and 
login sequence, where the URL and login sequence is transparent to the end-user. 

15 In this case, authentication might not be necessary, and once again, the card might 
not cause a GUI to be displayed. Third, the card maybe pre-loaded with the 
corresponding URL and login sequence, as well as any keys needed for 
authentication. However, the card would, once again, not cause a GUI to be 
displayed. Fourth, the card maybe pre-loaded as described above with respect to 

20 the first implementation, but for the fact that the card contains multiple URLs, 
rather than one URL. Here, the card would likely cause a GUI to be displayed, 
where the GUI includes graphical buttons, each corresponding to one of the 
multiple URLs. Fifth, the card may be pre-loaded with multiple URLs as 
described above in the fourth implementation. However, in this implementation, 

25 the card would also be pre-loaded with login sequences as required for one or 
more of the multiple URLs. Sixth, the card may be pre-loaded with multiple 
URLs and login sequences as described above in the fifth implementation. In this 
implementation, the card is also pre-loaded with any keys that are needed to 
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support authentication. Table I summaries the six exemplary membership card 
implementations described above. 





MEMBERSHIP CARD IMPLEMENTATIONS 




TTRI, 


OTTT 


LOGIN 


AUTHENTICATION 


Implementation 1 


1 


No 


No 


No 


Implementation 2 


1 


No 


Yes 


No 


Implementation 3 


1 


No 


Yes 


Yes 


Implementation 4 


Multiple 


Yes 


No 


No 


Implementation 5 


Multiple 


Yes 


Yes 


No 


Implementation 6 


Multiple 


Yes 


Yes 


Yes 



TABLE 1 

There are also aspects of the present invention that are of particular interest 
to entities other than the end-user and the issuer of the smart card. These aspects, 
in general, involve features that enable or support transactions and/or interactions 
over the Internet between the end-user and one or more specific e-commerce 
providers. 

One such aspect involves a personal network management and transaction 
feature. In accordance with this feature, URL information may be pre-loaded into 
the smart card by an e-commerce provider or on behalf of one or more e- 
commerce sponsors. For example, the issuer of the smart card might lease or sell 
a QLB to a sponsor — the sponsor being an e-commerce provider. The appearance 
of the QLB on the GUI might even reflect, by way of a logo, the corresponding 
sponsor. Selecting the QLB might, as previously explained, cause the browser to 
launch a URL associated with the sponsor, or initiate a particular on-line 
transaction with the sponsor. 

In addition to pre-loading sponsor information, a QLB might be re- 
programmed automatically by downloading new or updated information, such as a 
new sponsor name, a new logo or new URL information. Re-programming may 
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be initiated as a result of an event (e.g., extending a lease to a new sponsor), an 
action, or simply the elapse of a particular period of time. 

In contrast to pre-loading e-commerce sponsor information into the smart 
card, the end-user may have the option to select certain sponsors from amongst a 
5 list that is provided by the issuer of the smart card. In this instance, the end-user 
preferably has the ability to modify or alter the information from time to time. 

Further in accordance with the personal network management and 
transaction feature, the smart card may be used to capture specific information. 
For instance, consumer transaction information (e.g., purchase order confirmation 

10 information) and/or information relating to e-commerce provider sites. 

Another aspect involves an on-line reward accumulation, redemption and 
transfer feature. This feature is primarily handled by the rewards manager. In 
accordance with this feature, an end-user/consumer may earn on-line rewards for 
taking certain action(s) with the smart card, as explained in more detail below. 

15 From the perspective of the issuer of the smart card and/or the e-commerce 
provider, the on-line rewards serve as an incentive (i.e., encourage) end- 
user /consumers to take these actions. Rewards may take the form of tokens, 
points, coupons, discounts, tickets, sweepstake entries, access rights/privileges, 
special messages/offers (e.g., displayed on the GUI), and/or free products. 

20 The end-user/consumer may earn rewards by using the smart card 202 in 

any one of a number of prescribed ways. For example, the end-user /consumer 
may earn rewards by using the smart card 202 for the first time (e.g., by inserting 
the smart card into the card reader 205 and connecting to a particular website 
associated with the e-commerce provider offering the reward). The reward may 

25 be earned when the end-user actually logs into the site, becoming a member (e.g., 
by registering with the site) or simply visiting the site. Downloading information 
from the site onto the smart card 202, or any other location, conducting an on-line 
transaction (e.g., making an on-line purchase), or filling out an on-line form are 
additional actions that might be the basis for extending rewards to an end- 
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user/consumer. Rewards may also be based on the number of times the end-user 
has engaged in a particular activity (e.g. , the frequency with which the end-user 
visits a given site), how recently the end-user has engaged in the activity, or, in 
the case of on-line purchases, how much the end-user has purchased. It will be 
5 understood, however, that the criteria set forth above is exemplary. It is 

foreseeable to rely on other criteria or combinations of criteria as a basis for 
extending on-line rewards. 

The on-line reward accumulation, redemption and transfer feature may rely 
on the aforementioned authentication process. For example, the authentication 

10 process may be utilized by the site to authenticate the card. In so doing, the issuer 
of the smart card or the e-commerce provider can control the distribution of 
rewards and, as explained below, use this feature to track end-user/consumer 
behavior. Authentication of the end-user, in addition to authentication of the smart 
card, may or may not be desired. 

15 Aside from earning rewards, the end-user consumer may accumulate, 

redeem and transfer rewards. With regard to reward accumulation, rewards may 
be stored in a memory on the smart card 202. Alternatively, the smart card 202 
may facilitate the process of earning rewards, though the rewards may be stored in 
a memory associated with the peripheral device 215. Preferably, rewards may be 

20 transferred; for example, from one smart card to another. With regard to 

redemption, an end-user/consumer may, preferably, redeem rewards on-line or 
off-line. On-line redemption may involve exchanging, over the internet, a number 
of accumulated reward tokens for a product or service. Off-line redemption, on 
the other hand, may involve exchanging a number of reward tokens at a physical 

25 store, kiosk or point-of-sale. 

Figure 12 summarizes the on-line reward accumulation, redemption and 
transfer feature. As shown by step 1205, rewards are provided based on the end- 
user taking some action with the smart card. This action may involve inserting the 
card into the card reader; visiting a particular website by selecting a corresponding 
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entry from the list of stored sites and/or applications illustrated in Figure 5 or by 
selecting a corresponding QLB; or involve any of a number of end-user actions or 
combinations therefor. Preferably, there is an authentication of the smart card, as 
illustrated in step 1210. Then, in accordance with step 1215, the end-user obtains 
5 a reward for taking the aforementioned action(s). From the perspective of the end- 
user, the rewards may be accumulated, transferred and, because there is value 
associated with rewards, redeemed for products and/or services. From the 
perspective of the issuer of the smart card and/or e-commerce provider, rewards 
may be used to influence end-user behavior (e.g. , to provide an incentive for the 
10 end-user to continue taking action), and to track end-user behavior for marketing 
purposes. 

Still another aspect involves downloading media from a website to the end- 
user, where the smart card, or smart device, is employed to manage the 
transference of the media content, and in particular the costs associated with the 

15 transaction. This feature might also involve a card authentication process, as 

described above, to ensure that the end-user is entitled to receive such information. 

As described above, there are several aspects associated with the present 
invention which provide a number of features and advantages over other smart 
card and non-smart card based Internet solutions. Among the several features and 

20 advantages of particular interest to end-users are the ability to automatically launch 
a desired URL upon insertion of the smart card into the card reader, the ability to 
automatically provide user ID and password information to certain websites, and 
the ability to provide intelligent form-fill operations. Other features and 
advantages of particular interest to the issuer of smart cards is the ability to issue 

25 multiple, personalized smart cards so as to individually control Internet usage of 
one or more end-users. Finally, as the present invention involves a smart card 
based solution, it provides portability, personalization, privacy and security. 

The present invention has now been described in accordance with several 
exemplary aspects and embodiments, which are intended to be illustrative rather 
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than restrictive. Thus, the present invention is capable of many variations in 
detailed implementation, which may be derived from the description contained 
herein by a person or ordinary skill in the art. All such variations are considered 
to be within the scope and spirit of the present invention as defined by the 
5 following claims. 
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WHAT IS CLAIMED IS: 

1 . A computer network based system comprising: 
a first network device; 

5 a second network device connected to said first network device by a 

computer network; 

a smart device in communication with said first network device, said smart 
device comprising means for storing one or more data entries representing 
information associated with a user of said smart device; 
10 means for transferring one or more data requests from said second network 

device to said first network device; 

means for analyzing the one or more data requests; 
means for matching each of the one or more data requests with a 
corresponding one of the stored data entries; and 
15 means for automatically transferring to said second network device, a data 

§equence associated with each data entry that matches a corresponding data 
request. 

2. The system of claim 1, wherein said smart device is a smart card 

20 comprising a memory, and wherein each of the one or more data sequences are 
stored as a data entry in said memory. 

3. The system of claim 2, wherein said first network device comprises: 
a smart card reader adapted to physically receive said smart card. 

25 

4. The system of claim 1, wherein said smart device comprises: 

a smart card that contains a memory, and wherein each of the one or more 
data sequences are stored as a data entry in said memory. 
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5. The system of claim 1 comprising: 

a wireless communications link between said first network device and said 
smart device. 

5 6. The system of claim 1 comprising: 

a wired communications link between said first network device and said 
smart card. 

7. The system of claim 1, wherein said first network device is a personal 
10 computer. 

8. The system of claim 1, wherein said first network device is a portable 
device. 

15 9. The system of claim 8, wherein said first network device is a personal 
digital assistant. 

10. The system of claim 8, wherein said first network device is a mobile 
telephone. 

20 

11. The system of claim 8, wherein said first network device is a portable 
computer. 

12. The system of claim 1, wherein said smart device is a portable device. 

25 

13. The system of claim 12, wherein said smart device is a mobile telephone. 

14. The system of claim 12, wherein said smart device is a personal digital 
assistant. 
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15. The system of claim 12, wherein said smart device is a portable computer. 

16. The system of claim 1, wherein said smart device is a web appliance. 

5 17. The system of claim 16, wherein the smart device is a cable set-type box. 

18. The system of claim 1, wherein each of the one or more data requests 
corresponds to a data element associated with an on-line form. 

10 19 The system of claim 18, wherein said first network device comprises: 
means for displaying the on-line form. 

20. In a system that includes a smart device in communication with a first 
network device, a second network device and a computer network connecting said 

15 first network device and said second network device, a method for completing an 
on-line form comprising the steps of: 

storing one or more data entries in a memory associated with the smart 
device, wherein each data entry represents information associated with a user of 
the smart device; 

20 transferring a number of data elements associated with an on-line form 

from the second network device to the first network device via the computer 
network; 

comparing the one or more data elements to one or more of the data 
entries; and 

25 transferring, to the second network device, one or more data sequences, 

where each data sequence is associated with a corresponding data entry that 
matches a data element. 

21. The method of claim 20 further comprising the step of: 
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creating a model of the on-line form based on the data elements associated 
with the on-line form. 

22. The method of claim 21 further comprising the step of: 

5 associating a data sequence with a data element in the model of the on-line 

form if it is determined that the data entry corresponding to the data sequence 
matches that data element. 

23. The method of claim 22 further comprising the step of: 

10 transferring the model of the on-line form, including the one or more data 

elements and one or more corresponding data sequences from the first network 
device to the second network device via the computer network. 

24. The method of claim 23 further comprising the step of: 

15 executing an application at the second network device in response to the 

second network device receiving the on-line form, including the one or more data 
elements and the one or more data sequences. 

25. The method of claim 23 further comprising the step of: 

20 granting the user of the smart device access to a site associated with the 

second network device in response to the second network device receiving the on- 
line form, including the one or more data elements and the one or more data 
sequences. 

25 26. The method of claim 23 further comprising the step of: 

completing an electronic transaction in response to the second network 
device receiving the on-line form, including the one or more data elements and the 
one or more data sequences. 
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27. The method of claim 20 further comprising the step of: 

creating a data profile, where a number of the data entries are associated 
with the data profile. 

5 28 . The method of claim 27, wherein the data entries associated with the data 
profile relate to personal information. 

29. The method of claim 27, wherein the data entries associated with the data 
profile relate to credit card information. 

10 

30. The method of claim 27, wherein the data entries associated with the data 
profile relate to an identification code or password. 

31. The method of claim 20 further comprising the step of : 

15 prompting the user, to manually enter a data sequence for a given data 

element, if it is determined that there is no data entry which matches that data 
element. 

32. The method of claim 20, wherein said step of determining whether each of 
20 the one or more data elements matches a corresponding data entry comprises the 

step of: 

determining whether a data element matches a corresponding data entry in 
accordance with a pattern matching technique. 

25 33. The method of claim 20, wherein the smart device comprises a smart card. 

34. The method of claim 20, wherein the smart device is a smart card. 
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35. In a system that includes a smart device, a peripheral device and a remote 
network server that is connected to the peripheral device by a computer network, a 
method for completing an on-line form comprising the steps of: 

displaying the on-line form on a display that is associated with the 
5 peripheral device; 

creating a model of the on-line form, wherein the model comprises a 
plurality of data elements associated with the on-line form; 

analyzing a pattern associated with each of the data elements; 
comparing the data pattern associated with each of the data elements to a 
10 data pattern associated with one or more data entries stored in memory on the 
smart device; 

associating a data entry with a corresponding data element if the data 
pattern of the data entry matches the data pattern of the data element; 

transferring a data sequence associated with the data entry, from the 
15 memory on the smart card to the model of the on-line form, if the data pattern of 
the data entry matches the data pattern of the data element, wherein the data 
sequence represents information associated with the user of the smart device; and 

redisplaying the on-line form, wherein the on-line form includes one or 
more data sequences, each being associated with a corresponding one of the 
20 plurality of data elements. 

36. The method of claim 35 further comprising the step of: 

creating a data profile, wherein the data profile comprises a number of the 
data entries stored in memory on the smart device. 

25 

37. The method of claim 36, wherein each of the data entries associated with 
the data profile relate to personal information. 
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38. The method of claim 36, wherein each of the data entries associated with 
the data profile relate to credit card information. 

39. The method of claim 35 further comprising the step of: 

5 transferring the model of the on-line form, including one or more data 

sequences, from the peripheral device to the server over the computer network. 

40. The method of claim 39 further comprising the step of : 

executing an application at the server in response tothe server receiving the 
10 model of the on-line form, including the one or more data sequences. 

41 . The method of claim 39 further comprising the step of: 

completing an on-line transaction in response to the server receiving the 
model of the on-line form, including the one or more data sequences. 

15 

42. The method of claim 39 further comprising the step of: 

granting the user access to a computer network site that is associated with 
the server in response to the server receiving the model of the on-line form, 
including the one or more data sequences. 

20 

43. The method of claim 35, wherein the smart device comprises a smart card. 

44. The method of claim 35, wherein the smart device is a smart card, and 
wherein the one or more data entries, and the data sequences associated with each 

25 of the one or more data entries are stored in memory on the smart card. 

45. A system for completing an on-line form comprising: 
a smart device; 

a peripheral device; 
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a remote network server connected to said peripheral device by a computer 
network; 

means for displaying the on-line form on a display that is associated with 
the peripheral device; 
5 means for creating a model of the on-line form, wherein the model 

comprises a plurality of data elements associated with the on-line form; 

means for analyzing a pattern associated with each of the data elements; 

means for comparing the data pattern associated with each of the data 
elements to a data pattern associated with one or more data entries stored in 
10 memory on the smart device; 

means for associated a data entry with a corresponding data element if the 
data pattern of the data entry matches the data pattern of the data element; 

means for transferring a data sequence associated with the data entry, from 
the memory on the smart card to the model of the on-line form, if the data pattern 
15 of the data entry matches the data pattern of the data element, wherein the data 

sequences represents the information associated with the user of the smart device; 
and 

means for redisplaying the on-line form, wherein the on-line form includes 
one or more data sequences, each being associated with a corresponding one of the 
20 plurality of data elements. 

46. The system of claim 45 further comprising: 

means for creating a data profile, wherein the data profile comprises a 
number of data entry stored on the smart device. 

25 

47. The system of claim 46, wherein each of the data entries associated with 
the data profile relate to personal information. 
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48. The system of claim 46, wherein each of the data entries associated with 
the data profile relate to credit card information. 

49. The system of claim 46, wherein each of the data entries associated with 
5 the data profile relate to an identification code or password. 



50. The system of claim 45 further comprising: 

means for transferring the model of the on-line form, including one or 
more data sequences, from the peripheral device to the server over the computer 
10 network. 



51 . A method of accessing a network site associated with a computer network, 
said method comprising the steps of: 

determining whether an access code is required to access the network site; 
15 electronically searching a list of access codes stored in a memory that is 

associated with a smart device, wherein the electronic search is automatically 
triggered upon a determination that an access code is required to access the 
network site; 

electronically identifying, from amongst the list of access codes, an access 
20 code corresponding with the network site; 

transferring the identified access code to the network site via the computer 
network; and 

accessing the site after transferring the access code. 

25 52. A method for connecting a user to a computer network site comprising the 
steps of: 

activating a smart card; 

launching a network browser in response to the activation of the smart 
card; and 
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connecting the user to the computer network site using the network browser 
and a network address associated with the computer network site, wherein the 
network address is stored in a memory on the smart card. 



5 53 . In a smart card based system that includes a smart card, a first network 
device an input/output device that transmits information between the smart card 
and the first network device, a method for controlling the ability of an end-user of 
the smart card to access a computer network, said method comprising the steps of: 
identifying a computer network site for the end-user of the smart card; 
10 storing a network address in a memory on the smart card, wherein the 

network address corresponds with the identified network site; and 

limiting end-user access to the computer network in accordance with the 
identified network site. 



15 54. In a smart card based system that includes a smart card, a first network 
device an input/output device that transmits information between the smart card 
and the first network device, a method for controlling the ability of an end-user of 
the smart card to access a computer network through the first network device, said 
method comprising the steps of: 

20 defining a computer network access time limit for the end-user of the smart 

card: 

storing a value in a memory on the smart card, said value representing the 
computer network access time limit; and 

limiting the end-user's ability to access the computer network in accordance 
25 with the value that has been stored in the memory on the smart card. 



55. In a smart card based system that includes a smart card, a first network 
device an input/output device that transmits information between the smart card 
and the first network device, a method for controlling the ability of an end-user of 
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the smart card to access a computer network through the first network device, said 
method comprising the steps of: 

identifying a control factor which relates to the end-user ! s ability to 
functionally interact with a computer network site; 
5 storing the control factor in a memory on the smart card; and 

limiting the user's ability to interact with the network site, in accordance 
with the control factor that has been stored in memory on the smart card. 

56. In a smart card based system, a method comprising the steps of: 
10 storing information on a smart card; 

generating a user interface which includes a user-selectable option, wherein 
the user-selectable option is associated with a sponsor; 
selecting the user-selectable option; and 

accessing a network site associated with the sponsor based on the 
15 information stored on the smart card as a result of the selection of the user- 
selectable option. 

57. A method of rewarding an end-user for using a smart card to interact with a 
network site, said method comprising the steps of: 

20 detecting the end-user's use of the smart card to interact with the network 

site; 

conveying a redeemable reward to the end-user in response to said use of 
the smart card to interact with the network site; and 
storing the redeemable reward. 



25 



58. A smart card based system comprising: 

a smart card containing a memory in which data is stored in Extendable 
Mark-up Language (XML); 
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a smart card input/output device having means for receiving said smart 
card and means for reading data from and writing data to said smart card; and 

a peripheral device in communication with said smart card input/output 
device, said peripheral device comprising an XML smart card manager which 
5 servers as an interface between application software being executed by said 
peripheral device and data which is stored in XML format on the smart card, 

wherein said XML smart card manager comprises means for programming 
the smart card in XML format through said smart card input/output device. 

10 59. In a smart device based system that includes a peripheral device and a 
smart device, a method comprising the steps of: 

reading a sequence of data samples which are associated with a 
representation of an end-user*s identity; 

storing the data samples in a memory that is associated with the smart 
15 device; and 

employing the data samples for authentication purposes. 




115 




140 



125 



^^^^^^ 




.130 



j MEM 

— r 

! MicroProc 



120 



i 




135 



145 



FIG. 1B 



SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



2/13 




REMOTE 
SERVER 
(220) 



LOCAL 
(PERIPHERAL) 
DEVICE 

CARD 
READER 



SMART 
^ CARD(S) 



APPLICATION SOFTWARE (210) 

CARD DATA MGR. 
SECURITY MGR. 
AUTHENTICATION MGR. 
MULTI-SESSION MGR. 
CARD XML MGR. 



INTELLIGENT FORM-FILL MGR. 

URL LAUNCH MGR. 

USER ID/PASSWORD MGR. 

PERSONAL DATA MGR. 

CREDIT CARD DATA MGR. 

SITE/APPLICATION MGR. 

QUICK-LINK MGR. 

DIGITAL ID MGR. 

REWARD MGR. 

MEDIA MGR. 



ft 



CARD SOFTWARE 
AND DATA (209) 

CARD DATA MGR. 
SECURITY MGR. 
AUTHENTICATION MGR. 
INTERFACE MGR. 

USER DATA 



FIG. 2 



SUBSTITUTE SHEET (RULE 26) 




SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



4/13 



^Directum. 



This link will automaticaliy be activated when you insert your smartcard. 



Site Name: 
IIIGemPlus 



Site URL: 

|http://gemplus/gemplus/gemplus.htn7 



|| OK || || Cancel || 



FIG. 4A 



MONITOR READER 



i 



420 



DETECT INSERTION 
OF SMART CARD 



— 425 



GET DEFAULT URL —430 



LAUNCH BROWSER 



— 435 



CONNECT WITH 
DEFAULT URL 



— 440 



FIG. 4B 



SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 PCT/USO 1/28538 



5/13 




Favorites Sites/Applications 

<Add new favorite> 
Gemplus Utilities Homepage 
gpTOYS.com 
Gembooks.com 
gAUCTION 
Gifts.com 



Identifr) (Favorites) ( Me! ) 




FIG. 5 



SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



6/13 




Site/Application 

<Add New > 

Gembooks.com 
Gifts.com 
E-mail 



identfw) (Favorites) ( Me! ) 




FIG. 6A 



£h> Usemame/Password rTTn][Ell 



Site/Application Name: 
|[ Gifts.com _ 



User Name: || jdoe 
Password: 



Hide Password? E3 
Send <Enter> to linked web page or dialog box? O 



OK 



Cancel 



FIG. 6B 

SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



7/13 



600 



ACCESS 
SITE/APPLICATION 



605 




615 — 



645 



PROMPT 
USER 



650 



655 



SEARCH ID/PASS 
DATA STORED ON THE 
SMART CARD 




YES 




I 



STOP —630 




STORE 
ID/PASS 



— 660 



STOP 



1 
610 




TRANSFER 
ID/PASS 



r— 635 



FIG. 6C 



SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



8/13 



Personal Profile 



Profile Name: 



Dad - Work 




I 


Prefix First Name 


Ml 


Last Name 


|Mr. ▼) ||John 


II IIS II 


Doe I 


Company: 


Title: 




||Gemplus 


|| || Director Marketing I 


Address Line 1: 


Address Line 2: 


1108 W Roberts Street fl ||Suite1 ]| 


City: 


State: Zip: 


Country: 


iNorristown 


«PAl IH9333 || HUSA I 


Work Phone: 


Home Phone: 


Fax: 


1610-279-9249 II 


609-334-5533 II 


11610-279-1234 l| 




Email Address: 

| jdoe@gemplus.com _]| 



Is this your default profile? H 

Checking this box will submit this profile information 
you click the 'me' button when filing out online form. 



Cancel 



FIG. 7A 




Personal Profiles 

<Add new profile > 

Dad — Home 
Dad - Work 





QLB-1 




QLB-2 




QLB-3 




QLB-4 




QLB-5 



FIG. 7B 

SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



9/13 

Credit Card Information fZlBl Ix 



Card Description: |HVisaGold 



Name on Credit Card: Credit Card #: 

I John S. Doe \\ ||1234 5678 9012311 

Card Type: Month Year 

Card Expiration: HoTWl [12001 M 



Is this your default card? El 

Checking this box will submit this card information 
when you click the 'me' button for purchases. 

|| OK ll || Cancel || 



FIG. 8A 



( Passwords ) 
(Personal) 



Credit 
Cards 



URL 



Credit Cards 



<Add new credit card > 

Visa Gold 
American Express 
MasterCard 



Q\ @|) C Favorites ) C Me! ) 




FIG. 8B 



SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



10/13 



900 — 



SELECT "Me!" 
BUTTON 



905 — 



ANALYZE 



910— CREATE MODEL 



930 

A 



PROMPT 
USER 



I 



915 




YES 



USE DATA TO 
COMPLETE MODEL 



— 920 



925 



935 




YES 



REFLECT MODEL 



940 



I 



TERMINATE PROCESS 



FIG. 9 



SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/USOl/28538 



310 



11/13 



QLB - 1 
QLB - 2 
QLB -3 
QLB -4 
QLB -5 




FIG. 10A 



FIG. 10B 



1000 



SELECT 
QLB 



LOAD URL FOR 
QLB -5 




1010 



LOAD URL FOR 
QLB - 1 



1020 



LOAD URL FOR 
QLB -2 



r 



1030 



LOAD URL FOR 
QLB -3 



1040 



LOAD URL FOR 
QLB -4 



1050 



TERMINATE 
PROCESS 



SUBSTITUTE SHEET (RULE 26) 



A WO 02/23367 PCT/US01/28538 



12/13 



1100 — 



( START J 

GENERATE & 
SAMPLE DATA SIGNAL 



I 



1 1 05 — STORE DATA SAMPLES 



1110 




YES 



READ DATA SAMPLES 



1115 



DISPLAY 
CORRESPONDING 

PORTION OF 
REPRESENTATION 



— 1125 



1120— 



STORE 
DATA ON 
SMART 
CARD 



1130 



1135 




FIG. 11 



SUBSTITUTE SHEET (RULE 26) 



WO 02/23367 



PCT/US01/28538 



13/13 



END-USER 
ACTION 



— 1205 



AUTHENTICATION —1210 



REWARDS —1215 



END-USER/CONSUMER 



ACCUMULATE 
REDEEM 
TRANSFER 



ISSUER/E-COMMERCE 
PROVIDER 



INFLUENCE END-USER/ 
CONSUMER BEHAVIOR 



TRACK END-USER/ 
CONSUMER BEHAVIOR 



FIG. 12 



SUBSTITUTE SHEET (RULE 26) 



INTERNATIONAL SEARCH REPORT 



International application No. 
PCT/USO 1/28538 



A. CLASSIFICATION OF SUBJECT MATTER 

IPC(7) :G06F 15/173, 15/ 16 

US CL : 709/226, 220; 713/172; 380/24; 379/144 
According to International Paten t Classification (IPC) or to both national classification and IPC 

B. FIELDS SEARCHED 

Minimum documentation searched (classification system Followed by classification symbols) 
U.S. : 709/226, 229; 713/172; 380/24; 379/144 



Documentation searched other than minimum documentation to the extent that such documents are included in the fields 
searched 



Electronic data base consulted during the international search (name of data base and, where practicable, search terras used) 
Please See Extra Sheet. 



DOCUMENTS CONSIDERED TO BE RELEVANT 



Category* 


Citation of document, with indication, where appropriate, of the relevant passages 


Relevant to claim No. 


Y,P 


US 6, 199, 1 14 Bl (WHITE et al) 06 March 2001 , abstract, figures 1 , 
3, 6, 7, 8, col. 1 lines 61-col. 2 lines 1-22, col. 3 lines 56-col. 4 
lines 1-67, col. 5 lines 10-32, col. 7 lines 9-30, col. 10 lines 36-64. 


1-59 


Y,P 


US 6,173,400 Bl (PERLMAN et al) 09 January 2001, abstract, 
figures 1, 9, col. 2 lines 12-27, col. 5 lines 19-64, col. 12 lines 1- 
41. 


1-59 


Y 


US 5,710,887 A (CHELLIAH et al) 20 January 1998, abstract, 
figures 1, 2, 5, 8, 12, col. 2 lines 4-34, col. 3 lines 47-col. 4 lines 
1-48, col. 10 lines 14-55, col. 14 lines 40-59, col. 16 lines 3-67, col. 
28 lines 52-col. 29 lines 23. 


1-59 


X Further documents are listed in the continuation of Box C. ] | See patent family annex. ! 



* Special categories of cited documents: 

"A" document defining the general state of the art which is not considered 

to be of particular relevance 

*F earlier document published on or after the international filing date 

*V document vrhieh may throw doubts on priority cla£m(s) ox which is 

oited to establish the publication date of another citation or other 
special reason (as specified) 

*O a document referring to an oral disclosure, use, exhibition or other 

means 

"P 1 document published prior to the international filing date but later 



later document published after the international filing data or priority 
date and not in conflict with the application bat cited to understand 
the principle or theory underlying the invention 

document of particular relevance; the claimed Invention cannot be 
considered novel or cannot be considered to involve an inventive step 
whan the document is taken alone 

document of particular relevance; the claimed invention cannot be 
considered to involve an inventive step when the document is combined 
with one or more other such documents, snch combination being 
obvious to a person akilled in the art 

document member of the same patent family 



Date of the actual completion of the international search 
86 OCTOBER sooi 


Date of mailing of the international search report 

06NOV2OO1 


Name and mailine: address of the ISA/ US 
Commissioner of Patents and Trademarks 
Box PCT 

Washington, D.C. 20231 
Facsimile No. (70S) S05-SS30 


Authorized officer /^^/^y^' ^ — ^ 

AYA2 R. SHEIKH^X 
Telephone No. (70s) 305-9648 



Form PCT/ISA/210 (second sheet) (July 1998)* 



INTERNATIONAL SEARCH REPORT 



International application No. 
PCT/US01/285S8 



C (Continuation). DOCUMENTS CONSIDERED TO BE RELEVANT 


Category* 


Citation of document, with indication, where appropriate, of the relevant passages 


Relevant to claim No. 


T 


US 6,058,373 A (BUCNN et al) 02 May 8000, abstract figures 1, 2, 
coL 2 lines 4-67, coL 3 lines 1-coL 4 lines 14, coL 13 lines 35-coL 
14 lines 26. 


1-59 


A,P 


US 6,122,355 A (STTtOHL) 19 September 2000, abstract, figures 1, 
2, 4, coL 1 lines 19-51 


1-59 


A 


US 5,604,802 A (HOLLOWAY) 18 February 1997, abstract, figures 
2, 3, ooL 1 lines 57-eoL 2 lines 55. 

i 


1-59 



Form PCT/ISA/2IO (continuation of second sheet) (July 1998)* 



INTERNATIONAL SEARCH REPORT 



International application No. 
PCT/USO 1/28538 



B. FIELDS SEARCHED 

Electronic data bases consulted (Name of data base and where practicable terms used): 
EAST, WEST 

search terms: smart card, intergrated circuit card, chip card, memory card, samrt device, peripheral device, GUI, remote 
network server, order on-line, buy on-line, network devices, network connection and network operation, display and re- 
display on-line form. 



Form PCT/ISA/210 (extra sheet) (July 1998)* 



THIS PAGE BLANK (uspto) 



This Page is Inserted by IFW Indexing and Scanning 
Operations and is not part of the Official Record 

BEST AVAILABLE IMAGES 

Defective images within this document are accurate representations of the original 
documents submitted by the applicant. 

Defects in the images include but are not limited to the items checked: 

□ BLACK BORDERS 

□ IMAGE CUT OFF AT TOP, BOTTOM OR SIDES 
^ FADED TEXT OR DRAWING 
□^BLURRED OR ILLEGIBLE TEXT OR DRAWING 

□ SKEWED/SLANTED IMAGES 

□ COLOR OR BLACK AND WHITE PHOTOGRAPHS 

□ GRAY SCALE DOCUMENTS 

□ LINES OR MARKS ON ORIGINAL DOCUMENT 

□ REFERENCE(S) OR EXHmiT(S) SUBMITTED ARE POOR QUALITY 

□ OTHER: 

IMAGES ARE BEST AVAILABLE COPY. 
As rescanning these documents will not correct the image 
problems checked, please do not report these problems to 
the IFW Image Problem Mailbox. 



THIS PAGE BLANK (uspto) 



